Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2024
CVE-2024-24776
Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without permissions.
CVSS Score
3.1
EPSS Score
0.002
Published
2024-02-09
CVE-2024-25442
An issue in the HuginBase::PanoramaMemento::loadPTScript function of Hugin v2022.0.0 allows attackers to cause a heap buffer overflow via parsing a crafted image.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-02-09
CVE-2024-25443
An issue in the HuginBase::ImageVariable<double>::linkWith function of Hugin v2022.0.0 allows attackers to cause a heap-use-after-free via parsing a crafted image.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-02-09
CVE-2024-25445
Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-02-09
CVE-2024-25446
An issue in the HuginBase::PTools::setDestImage function of Hugin v2022.0.0 allows attackers to cause a heap buffer overflow via parsing a crafted image.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-02-09
CVE-2024-25447
An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-02-09
CVE-2024-25318
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-02-09
CVE-2023-6677
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oduyo Financial Technology Online Collection allows SQL Injection.This issue affects Online Collection: before v.1.0.2.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-09
CVE-2024-25302
Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student' parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-09
CVE-2024-25307
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1."
CVSS Score
9.8
EPSS Score
0.001
Published
2024-02-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved